The Hacker News
Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: admin@thehackernews.com

🌐 Website: https://thehackernews.com
Researchers warn of a new malware strain, dubbed "MosaicLoader," that hides among Windows Defender exclusions to evade detection by Microsoft's antivirus program.

Read details: https://thehackernews.com/2021/07/this-new-malware-hides-itself-among.html
Millions of HP, Samsung and Xerox printers worldwide are affected by a new vulnerability (CVE-2021-3438) that has gone undetected for 16 years.

Read details: https://thehackernews.com/2021/07/16-year-old-security-bug-affects.html
New Windows and Linux Flaws Give Attackers Highest System Privileges (SYSTEM / root):

1 — Microsoft has tagged this new vulnerability CVE-2021-36934, marking it as the 3rd publicly disclosed unpatched Windows bug this month.

2 — Dubbed "Sequoia," the Linux flaw (CVE-2021-33909) affects all kernel versions from 2014, including default installations of Ubuntu, Debian, Fedora and RHEL.

https://thehackernews.com/2021/07/new-windows-and-linux-flaws-give.html
Cybersecurity researchers have discovered multiple vulnerabilities in CODESYS automation software and the WAGO PLC platform that can be remotely exploited to compromise an organization's cloud operational technology (OT) infrastructure.

Read: https://thehackernews.com/2021/07/several-new-critical-flaws-affect.html
XLoader, a low-cost and popular Windows malware available for rent, has now been upgraded to allow cybercriminals to spy on Apple's macOS users.

Read: https://thehackernews.com/2021/07/xloader-windows-infostealer-malware-now.html
In an apparent supply-chain attack, a software package available from the official NPM repository has been caught stealing users’ saved passwords from their Chrome web browser.

Read details: https://thehackernews.com/2021/07/malicious-npm-package-caught-stealing.html
Another hacker, a British national who played a role in the massive bitcoin scam, has been arrested in connection with the high-profile 2020 Twitter hack.

Read details: https://thehackernews.com/2021/07/another-hacker-arrested-for-2020.html
Oracle warns of three newly discovered critical vulnerabilities in WebLogic server software that can be exploited remotely without authentication.

Read: https://thehackernews.com/2021/07/oracle-warns-of-critical-remotely.html

As part of the July 2021 Patch Updates, Oracle also released 342 fixes that span multiple products.
Kaseya has received a universal REvil decryptor to help customers recover data, nearly 3 weeks after a supply-chain ransomware attack impacted the company.

https://thehackernews.com/2021/07/kaseya-gets-universal-decryptor-to-help.html
Nasty macOS malware XCSSET has been updated once again to steal sensitive data from a variety of apps, including Chrome and Telegram.

Read: https://thehackernews.com/2021/07/nasty-macos-malware-xcsset-now-targets.html
A newly discovered "PetitPotam" NTLM relay attack can be exploited by attackers to completely take over Windows domains by forcing remote servers—including Domain Controllers—to authenticate with a malicious machine.

Details: https://thehackernews.com/2021/07/new-petitpotam-ntlm-relay-attack-lets.html
Microsoft warns of a notorious cross-platform crypto-mining malware that has refined and improved its techniques to attack Windows and #Linux operating systems.

Read details: https://thehackernews.com/2021/07/microsoft-warns-of-lemonduck-malware.html
A growing number of cybercriminals are switching from conventional programming languages to "exotic" languages—such as Go, Rust, Nim, Dlang—for #malware development that can bypass security and complicate reverse-engineering efforts.

Read: https://thehackernews.com/2021/07/hackers-turning-to-exotic-programming.html
Rapid7 has uncovered multiple flaws affecting 3 open-source projects — EspoCRM, Pimcore, Akaunting — that are used by several small & medium-sized businesses; the flaws could provide a pathway for more sophisticated attacks.

Details: https://thehackernews.com/2021/07/several-bugs-found-in-3-open-source.html
Zimbra email collaboration software, used by over 200,000 companies, has been found vulnerable to multiple flaws that could be exploited to compromise email accounts & even take full control of the mail server when hosted on a cloud infrastructure.

https://thehackernews.com/2021/07/new-bug-could-let-attackers-hijack.html
An Iranian cyberespionage group spent years posing as an aerobics instructor on Facebook to infect the computer of an aerospace defense contractor with malware.

Read details: https://thehackernews.com/2021/07/hackers-posed-as-aerobics-instructors.html
Chinese cyberespionage group PKPLUG deployed a previously undocumented variant of PlugX RAT on compromised systems during the recent wave of attacks on #Microsoft Exchange servers.

Read details: https://thehackernews.com/2021/07/chinese-hackers-implant-plugx-variant.html
Here is a list of the top 30 most commonly exploited critical security vulnerabilities that hackers weaponize against broad target sets, including public and private sector organizations worldwide.

Read details: https://thehackernews.com/2021/07/top-30-critical-security.html
Vultur — a new Android remote access trojan — uses the smartphone's screen recording feature to spy on its victims and steal their banking credentials.

Details: https://thehackernews.com/2021/07/new-android-malware-uses-vnc-to-spy-and.html
Two new ransomware gangs — Haron and BlackMatter — have appeared on cybercrime forums, with one professing to be a successor to DarkSide and REvil, infamous syndicates that went off the grid following major attacks on Colonial Pipeline and Kaseya.

https://thehackernews.com/2021/07/new-ransomware-gangs-haron-and.html